Hi, I'm attempting to migrate an NT4 domain to Samba3, and getting quite frustrated with stuff that seems not to work as advertised. I'd appreciate any help.
I've set up an OpenLDAP server, and Samba 3, configured it as a BDC, and tried running "net rpc vampire". This all works, and Samba does the appropriate stuff to try and populate the LDAP database. The scripts I've got configured are:- add user script = /usr/local/sbin/smbldap-useradd -a -m '%u' delete user script = /usr/local/sbin/smbldap-userdel '%u' add group script = /usr/local/sbin/smbldap-groupadd -p '%g' delete group script = /usr/local/sbin/smbldap-groupdel '%g' add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/local/sbin/smbldap-useradd -w '%u' All the scripts are from the IdealX tools, version 0.8.5. I've set up the directory, and run smbldap-populate against it first, to check all is OK. When I symlink all the smbldap scripts to a test rig that just prints how it was called to a log file, and then run vampire, I get this:- Command line: /usr/local/sbin/smbldap-groupadd.pl -p Domain Admins Command line: /usr/local/sbin/smbldap-groupadd.pl -p Domain Users Command line: /usr/local/sbin/smbldap-groupadd.pl -p Domain Guests Command line: /usr/local/sbin/smbldap-groupadd.pl -p Wizards Command line: /usr/local/sbin/smbldap-groupadd.pl -p Watchmen Command line: /usr/local/sbin/smbldap-useradd.pl -a -m Administrator Command line: /usr/local/sbin/smbldap-useradd.pl -a -m Guest Command line: /usr/local/sbin/smbldap-useradd.pl -w WYRMBERG$ Command line: /usr/local/sbin/smbldap-useradd.pl -a -m rwind Command line: /usr/local/sbin/smbldap-useradd.pl -a -m nogg Command line: /usr/local/sbin/smbldap-useradd.pl -a -m gwax Command line: /usr/local/sbin/smbldap-useradd.pl -a -m carrott Command line: /usr/local/sbin/smbldap-useradd.pl -a -m detritus Command line: /usr/local/sbin/smbldap-useradd.pl -a -m tfairy Command line: /usr/local/sbin/smbldap-useradd.pl -w UBERWALD$ Command line: /usr/local/sbin/smbldap-useradd.pl -w quirm$ Command line: /usr/local/sbin/smbldap-useradd.pl -w TALITHA$ Command line: /usr/local/sbin/smbldap-groupadd.pl -p Account Operators Command line: /usr/local/sbin/smbldap-groupadd.pl -p Administrators Command line: /usr/local/sbin/smbldap-groupadd.pl -p Backup Operators Command line: /usr/local/sbin/smbldap-groupadd.pl -p Guests Command line: /usr/local/sbin/smbldap-groupadd.pl -p Print Operators Command line: /usr/local/sbin/smbldap-groupadd.pl -p Replicator Command line: /usr/local/sbin/smbldap-groupadd.pl -p Server Operators Command line: /usr/local/sbin/smbldap-groupadd.pl -p Users This is all being done on a test domain, with fake users at the moment, before I try a real environment. >From the command line, I can add users and groups using the commands above, and all seems to work. Yet, when I actually try the vampire with the real scripts in place, I get errors like this:- Creating unix group: 'Wizards' Creating unix group: 'Watchmen' Creating account: Administrator /usr/local/sbin/smbldap-useradd: user Administrator exists Could not create posix account info for 'Administrator' Creating account: Guest Could not create posix account info for 'Guest' Creating account: WYRMBERG$ Could not create posix account info for 'WYRMBERG$' Creating account: rwind Could not create posix account info for 'rwind' Why do I get this "Could not create posix account info" message, and what does it mean? Also, running "pdbedit -Lw" after vampiring generates:- Administrator:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000: nobody:65534:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NU ]:LCT-00000000: Guest:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: rwind:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: nogg:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: gwax:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: carrott:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: detritus:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: tfairy:4294967295:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[UX ]:LCT-00000000: For some reason, all the NT password information completely fails to migrate. Why? I've installed the Crypt::SmbHash module so perl can find it, which is what I thought the tools used. Is anyone else having these problems? I've been through every piece of documentation that I can find thus far, and although I believe I know what to do, no combination of steps actually seems to work properly. I've read the Samba 3 by example book, the idealx HOWTO, the Samba HOWTO collecion, and am coming to the conclusion that it'd just be easier to dump my user data with the old windows samdump utility, and just build my own ldap directory from scratch..... Any information/ideas very much appreciated. Mike. P.S. Here's a sample created account entry, if that helps any:- dn: uid=rwind,ou=People,dc=acu,dc=ac,dc=uk objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSAMAccount cn: rwind sn: rwind uid: rwind uidNumber: 1006 gidNumber: 513 homeDirectory: /home/rwind loginShell: /bin/bash gecos: System User description: System User userPassword:: e2NyeXB0fXg= structuralObjectClass: inetOrgPerson entryUUID: a3d3720c-7111-1028-96d6-80de4c82e4f8 creatorsName: cn=admin,dc=acu,dc=ac,dc=uk createTimestamp: 20040723163232Z sambaPwdLastSet: 0 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 displayName: System User sambaAcctFlags: [UX] sambaSID: S-1-5-21-2704678572-2069052080-1039482078-3012 sambaLMPassword: XXX sambaPrimaryGroupSID: S-1-5-21-2704678572-2069052080-1039482078-513 sambaProfilePath: \\TALITHA\profiles\rwind sambaHomePath: \\TALITHA\home\rwind sambaHomeDrive: M: sambaNTPassword: XXX entryCSN: 2004072316:32:32Z#0x0004#0#0000 modifiersName: cn=admin,dc=acu,dc=ac,dc=uk modifyTimestamp: 20040723163232Z -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba